To run a secure system, you should bear the following points in mind:
- The ArchiveOne Users group, by default, ArchiveOneUsers, has rights to log into ArchiveOne Admin and run policies, perform archive searches, or change configuration. Add only those users you want to allow to perform these operations.
- ArchiveOne does not change the security configuration of any of the directories used for storing the index, temporary data, etc. If users have access to the machine on which they are hosted, ensure that only the ArchiveOne Admin user, by default, ArchiveOneAdmin, has rights to view or update these directories and their subdirectories.
- To keep audit logs secure, change permissions on their directory, by default: C:\Program Files (x86)\Barracuda\ArchiveOne\AOnePolAudit
- The public folder in which search results are placed inherits permissions from its parent folder. Review these permissions and change the default permission to none.
- If you are using a third-party storage manager, review the associated documentation for details on securing the archive.